XSS vulnerability in FortiGate DHCP monitor page
An Improper Neutralization of Input vulnerability in the hostname parameter of a DHCP packet under DHCP monitor page may allow an unauthenticated attacker in the same network as the FortiGate to perform a Stored Cross Site Scripting attack (XSS) by sending a crafted DHCP packet.
FortiGate version 6.2.1 and below.
FortiGate version 6.0.6 and below.
Please upgrade to FortiGate version 6.2.2 and above.
Please upgrade to FortiGate version 6.0.7 and above.